Configure SAST in .gitlab-ci.yml, creating this file if it does not already exist

.gitlab-ci.yml

@@ -1,3 +1,10 @@
+# You can override the included template(s) by including variable overrides
+# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
+# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/pipeline/#customization
+# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
+# Container Scanning customization: https://docs.gitlab.com/ee/user/application_security/container_scanning/#customizing-the-container-scanning-settings
+# Note that environment variables can be set in several places
+# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
 workflow:
   rules:
   - changes:
@@ -6,31 +13,29 @@ workflow:
     - requirements.txt
     when: always
   - when: never
-
 stages:
-#  - test
 - build
 - pre_push
 - push
-
+- test
-# test:
+- deploy
-#   stage: test
+- review
-#   image: python:3.11-alpine
+- dast
-#   script:
+- staging
-#     - pip install -q -r requirements.txt
+- canary
-#     - pip install -q pytest~=8.3.5
+- production
-#     - python -m unittest discover tests
+- incremental rollout 10%
-
+- incremental rollout 25%
+- incremental rollout 50%
+- incremental rollout 100%
+- performance
+- cleanup
 build:
-  # needs:
-  #   - test
-
   stage: build
   script:
   - docker build -t $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG .
   - docker tag $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_SHORT_SHA
   - docker tag $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG $CI_REGISTRY/$CI_PROJECT_PATH:latest
-
 pre_push:
   needs:
   - build
@@ -40,7 +45,8 @@ pre_push:
   script:
   - echo "Running container to test image"
   - docker run -d --rm --name test_container $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG
-    - CONTAINER_IP=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' test_container)
+  - CONTAINER_IP=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}'
+    test_container)
   - |
     echo "Waiting for the application to start..."
     sleep 10
@@ -50,17 +56,19 @@ pre_push:
       echo "Healthcheck failed, stopping push"
       exit 1
     fi
-  
-
   after_script:
   - docker rm -f test_container
-
 push:
   needs:
   - pre_push
   stage: push
   script:
-    - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
+  - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin
+    $CI_REGISTRY
   - docker push $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_SHORT_SHA
   - docker push $CI_REGISTRY/$CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG
   - docker push $CI_REGISTRY/$CI_PROJECT_PATH:latest
+sast:
+  stage: test
+include:
+- template: Auto-DevOps.gitlab-ci.yml